﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Text;
using OnlineAuction.Common;
using OnlineAuction.Entity;

namespace OnlineAuction.DataAccess
{
    public class UserDA
    {
        public DataSet ViewUser(string name)
        {
            //Get connection to database
            SqlConnection conn;
            Database db = new Database();
            using (conn = db.GetConnection())
            {
                //Get all user
                try
                {
                    SqlDataAdapter da = new SqlDataAdapter("ViewUser", conn);
                    da.SelectCommand.CommandType = CommandType.StoredProcedure;
                    da.SelectCommand.Parameters.AddWithValue("@UserName", name);
                    DataSet ds = new DataSet();
                    da.Fill(ds);
                    return ds;
                }
                catch
                {
                    conn.Close();
                    return null;
                }
                finally
                {
                    conn.Dispose();
                }
            }
        }
        public DataSet GetUser(string username)
        {
            //Get connection to database
            SqlConnection conn;
            Database db = new Database();
            using (conn = db.GetConnection())
            {
                //Get all user
                try
                {
                    SqlDataAdapter da = new SqlDataAdapter("GetUser", conn);
                    da.SelectCommand.CommandType = CommandType.StoredProcedure;
                    da.SelectCommand.Parameters.AddWithValue("@username", username);
                    DataSet ds = new DataSet();
                    da.Fill(ds);
                    return ds;
                }
                catch
                {
                    conn.Close();
                    return null;
                }
                finally
                {
                    conn.Dispose();
                }
            }
        }
        public bool DeleteUsers(string UserName)
        {
            //Get connection to database
            SqlConnection conn;
            Database db = new Database();
            using (conn = db.GetConnection())
            {
                //delete user in database
                try
                {
                    conn.Open();
                    SqlCommand command = new SqlCommand("DeleteUser", conn);
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add(new SqlParameter("@UserName", UserName));
                    command.ExecuteNonQuery();
                    conn.Close();
                    return true;
                }
                catch
                {
                    conn.Close();
                    return false;
                }
                finally
                {
                    conn.Dispose();
                }
            }
        }
        public bool BanUsers(string UserName)
        {
            //Get connection to database
            SqlConnection conn;
            Database db = new Database();
            using (conn = db.GetConnection())
            {
                //Ban user in database
                try
                {
                    conn.Open();
                    SqlCommand command = new SqlCommand("BanUser", conn);
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add(new SqlParameter("@UserName", UserName));
                    command.ExecuteNonQuery();
                    conn.Close();
                    return true;
                }
                catch
                {
                    conn.Close();
                    return false;
                }
                finally
                {
                    conn.Dispose();
                }
            }
        }
        public bool ActiveUsers(string UserName)
        {
            //Get connection to database
            SqlConnection conn;
            Database db = new Database();
            using (conn = db.GetConnection())
            {
                //active user in database
                try
                {
                    conn.Open();
                    SqlCommand command = new SqlCommand("ActiveUser", conn);
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add(new SqlParameter("@UserName", UserName));
                    command.ExecuteNonQuery();
                    conn.Close();
                    return true;
                }
                catch
                {
                    conn.Close();
                    return false;
                }
                finally
                {
                    conn.Dispose();
                }
            }
        }
        public bool CheckUserPassword(string UserName, string UserPassword)
        {
            //Get connection to database
            SqlConnection conn;
            Database db = new Database();
            using (conn = db.GetConnection())
            {
                //check user password in database
                try
                {
                    conn.Open();
                    SqlCommand command = new SqlCommand("CheckUserPassword", conn);
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add(new SqlParameter("@UserName", UserName));
                    command.Parameters.Add(new SqlParameter("@UserPassword", UserPassword));
                    var dr = command.ExecuteReader();
                    if (dr.Read())
                    {
                        conn.Close();
                        return true;
                    }
                    else
                    {
                        conn.Close();
                        return false;
                    }
                }
                catch
                {
                    conn.Close();
                    return false;
                }
                finally
                {
                    conn.Dispose();
                }
            }
        }
        public bool AddUsers(UserDTO u)
        {
            //Get connection to database
            SqlConnection conn;
            Database db = new Database();
            using (conn = db.GetConnection())
            {
                //insert user to database
                try
                {
                    conn.Open();
                    SqlCommand command = new SqlCommand("AddUsers", conn);
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add(new SqlParameter("@UserName", u.UserName));
                    command.Parameters.Add(new SqlParameter("@UserPassword", u.UserPassword));
                    command.Parameters.Add(new SqlParameter("@UserFullName", u.UserFullName));
                    command.Parameters.Add(new SqlParameter("@UserGender", u.UserGender));
                    command.Parameters.Add(new SqlParameter("@UserPhoneNumber", u.UserPhoneNumber));
                    command.Parameters.Add(new SqlParameter("@UserAddress", u.UserAddress));
                    command.Parameters.Add(new SqlParameter("@UserEmail", u.UserEmail));
                    command.Parameters.Add(new SqlParameter("@UserIdentityCard", u.UserIdentityCard));
                    int count = command.ExecuteNonQuery();
                    conn.Close();
                    if (count == 1)
                    {
                        return true;
                    }
                    else
                    {
                        return false;
                    }
                }
                catch
                {
                    conn.Close();
                    return false;
                }
                finally
                {
                    conn.Dispose();
                }
            }
        }

        public bool UpdateProfile(UserDTO u)
        {
            //Get connection to database
            SqlConnection conn;
            Database db = new Database();
            using (conn = db.GetConnection())
            {
                //insert user to database
                try
                {
                    conn.Open();
                    SqlCommand command = new SqlCommand("UpdateProfile", conn);
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add(new SqlParameter("@UserName", u.UserName));
                    command.Parameters.Add(new SqlParameter("@UserFullName", u.UserFullName));
                    command.Parameters.Add(new SqlParameter("@UserGender", u.UserGender));
                    command.Parameters.Add(new SqlParameter("@UserPhoneNumber", u.UserPhoneNumber));
                    command.Parameters.Add(new SqlParameter("@UserAddress", u.UserAddress));
                    command.Parameters.Add(new SqlParameter("@UserEmail", u.UserEmail));
                    command.Parameters.Add(new SqlParameter("@UserIdentityCard", u.UserIdentityCard));
                    command.ExecuteNonQuery();
                    conn.Close();
                    return true;
                }
                catch
                {
                    conn.Close();
                    return false;
                }
                finally
                {
                    conn.Dispose();
                }
            }
        }

        public bool ChangePassword(string UserName, string UserPassword)
        {
            //Get connection to database
            SqlConnection conn;
            Database db = new Database();
            using (conn = db.GetConnection())
            {
                //Change user password in database
                try
                {
                    conn.Open();
                    SqlCommand command = new SqlCommand("ChangePassword", conn);
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add(new SqlParameter("@UserName", UserName));
                    command.Parameters.Add(new SqlParameter("@UserPassword", UserPassword));
                    command.ExecuteNonQuery();
                    conn.Close();
                    return true;
                }
                catch
                {
                    conn.Close();
                    return false;
                }
                finally
                {
                    conn.Dispose();
                }
            }
        }
    }
}
